wo 2005/003937 



PCT/GB2003/005438 



14 

1. A method for a registry of business entity definitions to handle user 
requests to access business entity definitions, the method comprising 
steps of: 

receiving a request from a user to access a business entity 

definitions- 
obtaining, from data associated with the request, the identity of 

the user; 

determining, from permission details associated with the business 
entity definition and the identity of the user, whether the user has 
permission to access information in the business entity definition; and 

denying the user access to information in the business entity 
definition if it is determined that the user does not have permission. 

2. The method of claim 1 wherein the request specifies a search criteria, 
eind. method comprises the further step of: 

using the search criteria to locate the business entity definition 
and to determine what information in the business entity definition the 
user wishes to access. 

3. The method of claim 1 or claim 2 wherein: the information in the 
business entity definition comprises a plurality of information elements 
each having permission details associated therewith; the step of 
determining determines from permission details associated with each 
information element whether the user has permission to access that 
information element; and the step of denying denies the user access to 
those information elements for which it is determined that the user does 
not have permission. 

4. The method of claim 3 wherein the determining step further determines 
whether a user has permission to access an information element from an 
access policy and permission details associated with a different 
information element. 

5. The method of claim 4 wherein the information elements are in a 
hierarchy and the determining step determines that a user does not have 
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permission to access a first information element if permission details 
associated with one or more second information elements directly beneath 
the first information element in the hierarchy indicate that user does not 
have access to one or more of the second information elements. 

5 

6. The method of any one of claims 3, 4 and 5 comprising the further step 
of: 

locating the pezmission details in a file system in which the 
10 permission details are in a location in the file system which is defined 

according to the information element with which they are associated. 

7. The method of any preceding claim wherein the registry is a UDDI 
registry and the information in the business entity definition is a 

15 business entity information element, the business entity information 

element containing one or more business iservice entity information 
elements, each business service entity containing one or more binding 
template infozmation elements and each binding template containing one or 
more references each referring to a technical model information element. 

20 

8. A registry of business entity definitions for handling requests to 
access business entity definitions, the registry comprising: 

means for receiving a request from a user to access a business 
25 entity definitions- 

means for obtaining, from data associated with the request, the 
identity of the user; 

30 means for determining, from permission details associated with the 

business entity definition and the identity of the user, whether the user 
has permission to access information in the business entity definition; 
and 

means for denying the user access to information in the business 
35 entity definition if it is determined that the user does not have 

permission . 



40 



9. The registry of claim 1 wherein the request specifies a search 
criteria, and the registry further comprises: 
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means for using the search criteria to locate the business entity 
definition and to determine what information in the business entity 
definition the user wishes to access. 

5 10. The registry of claim 8 or claim 9 wherein: the inf omiation in the 

business entity definition comprises a plurality of information elements 
each having permission details associated therewith, each of the plurality 
of information elements; the means for determining determines from 
permission details associated with each information element whether the 
10 user has permission to access that information element; and the means for 

denying denies the user access to those information elements for which it 
is determined that the user does not have permission. 

11. The registry of claim 10 wherein the determining means further 

15 determines whether a user has permission to access an information element 

from an access policy and permission details associated with a different 
information element. 

12. The registry of claim 11 wherein the information elements are in a 
20 hierarchy and the access policy specifies that a user does not have 

permission to access a first information element if permission details 
associated with one or more second information elements directly beneath 
the first information element in the hierarchy indicate that user does not 
have access to one or more of the second information elements . 



25 



40 



13. The registry of any one of claims 10, 11 and 12 further comprising: 



means for locating the permission details in a file system in which 
the permission details are in a location in the file system which is 
30 defined according to the information element with which they are 

associated. 

14. The registry of any one of claims 8 to 13 wherein the registry is a 
UDDI registry and the information in the business entity definition is a 
35 business entity information element, the business entity information 

element containing one or more business service entity information 
elements, each business service entity containing one or more binding 
template information elements and each binding template containing one or 
more references each referring to a technical model information element. 



15. A registry service for handling user requests to access business 
entity definitions, providing the service comprising the steps of: 
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receiving a request from a user to access a business entity 
definition; 

obtaining, from data associated with the request, the identity of 
the user; 

determining, from permission details associated with the business 
entity definition and the identity of the user, whether the user has 
permission to access information in the business entity definition; and 

denying the user access to information in the business entity 
definition if it is determined that the user does not have permission. 

16. A computer program product comprising instructions which, when run on 
a data processing host, cause said data processing host to carry out a 
method according to any one of claims 1 to 7 . 



